Posted
by
Cliffon Tuesday May 16, 2006 @09:55PM
from the now-that-they-are-watching-are-you-paranoid-yet dept.

P asks: "In the light of the recent discussions about on-line privacy: What can one do to protect his/her on-line privacy, while still having a enjoyable web experience? For example, are you using PGP for all your emails and Zfone for all your VOIP traffic? Or are there better ways of protecting oneself? Share your tips and tricks."

seriously, if "They" want your data, They will go through your trash, subpoena your pay records and phone records, and tap your phone line. "They" will know more about you than you can imagine, regardless of whether you use encrypted VoIP or not.

Want to feel safe on line? Write your Congressman, tell your friends about IP and privacy issues, affect a cultural change. As long as 51% of your friends are willing to trade freedom (theirs and yours) for security (mostly theirs), you're fscked.

Politicians don't care. And maybe they shouldn't. There are bigger fish to fry right now.I understand that in an online community, privacy is a big issue. Just like condoms in schools are a big issue with soccer moms. However, in the overall scheme of things, there are a lot of areas that need to be fixed.

If you really want to make a change, start demanding term limits on the Senate and House.

Demand a Constitutional ammendment limiting the ammount of money a single person is able to contribute to a poli

Demand that the DoD and other government agencies reduce their budgets while maintaining manpower to accomplish their missions. Do we really need to spend $200m on the F-22 when the $40m F-16 and F-18 is still good? Sure, the F-22 is nice, but would you rather be defended by a single F-22 or 5 F-16s? Do you really think a pilot in an F-22 could take out 5 F-16s?

First, we''re not going to be fighting F-16s, MiGs? Sus? Yeah. Mirages and ChengDus? Maybe. But not Fs. Anyway, it might be able to, I don't k

That's what Robert Welch (founder of the John Birch Society) argued [publiceye.org]: "Welch's famous book, The Politician, caused a stir even among many loyal Birch members who were shocked by Welch's assertion that President Dwight D. Eisenhower was "a dedicated conscious agent of the communist conspiracy.""

If you really want to make a change, start demanding term limits on the Senate and House.

We have those. Every two or six years (depending), the public gets to vote on whether they stay in office.

The kinds of term limits you're talking about are what lazy and ignorant voters ask for, so they don't have to get off their butts and figure out who needs to leave now. And legislative term limits don't do any good, because the professional bureaucrats who make up most of the government and have most of the r

That's BS. Power in DC is based on seniority. There is no way Utah will every get rid of Hatch. There is no way Mass will ever vote out Kennedy. And do you think Alaska would ever get rid of Stephens?Those states need those people. Mass knows that the one time every decade they need Kennedy, he'll be able to get face time on every network because he's a Kennedy. They know that his peers will listen beceuse if they don't, he'll talk to the lobyists and their campaign money will dry up.

If power in D.C. is based on seniority (and you're right: it is), then term-limiting Congresscritters would just put all the power into the hands of the unelected bureaucrats. They'd have all the "seniority", and Reps and Senators would be just a bunch of temps sent by the states to perform for the cameras on the floor for a few terms.

The President has a term limit. Why shouldn't Congress?

The danger of that office gaining too much power is greater. For some reason the public is far more willing to giv

Back in 1998 I was raided by the Australia Federal Police. They were looking for evidence on computer crimes allegedly committed by people I had allegedly spoken to on IRC. They weren't after me, but I was still thankful that my harddrive was encrypted and there we no laws, at the time, that could be used to force me to give up my encryption keys. Had there been evidence on my harddrive that I had committed a crime (there wasn't, unless I'm committing crimes and I'm not aware of it) I would have been facing jail time, even though the AFP did not have any justification to search that computer because of anything I had done.

I prefer Tor because it is affiliated with the Electronic Frontier Foundation (EFF).
A page on the EFF website states, "A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web log

or join the underground network named AnoNet [brinkster.net], stops snoops on both the inside and the outside. its a self contained internet on top of the internet running over multiple vpn's, it might even have holes to the outside via a tor or proxy servers, i use it all the time, not only from an anonymous point of view but also the networking experiments, great community, great spirit.

You do realise that TOR protects you only as much as your endpoints let you, right? Look at this. [unixgu.ru]
They don't have to be nice and blank out the interesting characters... neither does anyone else running (or compromising and altering) TOR endpoints.

seriously, if "They" want your data, They will go through your trash, subpoena your pay records and phone records, and tap your phone line. "They" will know more about you than you can imagine, regardless of whether you use encrypted VoIP or not.

I don't know where you're from, but here in the US if "they" want to tap my phone or see my data and pay records "they" just do it. Subpoenas are for people who hate America.

Remember kids: If you're not doing anything wrong, then the fact that you're gatheri

And fuck grocery store 'discount cards'. I've found it is best to get a new card with application, then discard application and continue to use card. If the application is necessary, the store's address and name of "General Manager" usually works for as long as you need the card.

I was using GPG in Thunderbird, linked to my gmail account. This was just for signing though, so it was more to protect my identity than my privacy. I believe GPG does encryption too.
It was seamless once it was setup, but I use gmail from too many places. It just wasn't worth it. Here's hoping Google adds support for this sort of thing to Gmail.

There has been a discussion on the Linux Kernel Mailing List with regards/dev/random (which I provoked by forwarding a link to a paper critical of it), which GnuPG, OpenSSL and other crypto programs use. Apparently, there are possible attacks which would allow an attacker to calculate earlier random numbers in the sequence, allowing them to guess generated private keys. This seems to be a theoretical attack only and seems to preclude remote exploits, as you'd need access to that device. However, it points

I'm not sure what value there is in using GPG/OpenPGP when none of my friends do. I can think of a few things:- promoting awareness of GPG (on those rare occasions when people ask me about the GPG signature block),

- using GPG for fun with fellow geeks I meet (but GPG is not mandatory --I mean, face it, I like you geeks and all, but no way am I going to exchange credit card numbers with you)

Right now I've got my wife set up to optionally have GPG available (via Enigmail on Thunderbird), but she's hardly usi

Really? I have my doubts that it could be unobtrusive. The actual encryption/signing of mail could be done invisibly or nearly, but what about key management? You need some sort of web of trust. Which means you need to tell the system who you trust to sign keys, and how much. I don't think there's any automated way around that, which means that you MUST put the burden on the user. And explaining what they are doing (setting up the "web of trust" or whatever you want to call it) is NOT going to be an easy ta

This isn't a direct answer, but it's directly related. I've always wondered why network applications don't use encryption by default. For practically everything, from web servers to instant message apps, you have to go out of your way to set it up with any decent level of security.Why aren't all connections passed over ssl or ssh? I know it's a bit of overhead, but it's not that significant for modern desktops.

Why isn't it the norm to see web servers running SSL? Why is SSL reserved for only financial t

One more thing to go wrong and increase support costs. Or if you like tinfoil, 'cuz the NSA want their job easier. There's no way they could snarf anything beyond src/dst/vol/time traffic analysis if most of the net were encrypted.

I suspect some netzis like China (Singapore?) would ban encrypted traffic if they could.

In Britian encryption is perfectly legal (I realise your.uk/.au comment was probably tongue-in-cheek), but it is a criminal offence to not hand over passwords or encryption keys to a court AFAIK.... The RIP act can be thanked for this.

I rememeber the Clipper, but not the guy who attacked it. IIRC, it died a market death.

The problem with subpoenae is they're handed out like handbills. Just start a lawsuit, and you've got the power. Of course, you could plea the Fifth. I'm not sure if that's been ruled upon wrt cryptokeys.

Most websites are read only. So the only interesting bit for a spy is who connects, SSL doesn't hide that.

You can't use SSL on multiple virtual hosts in Apache 1.x (not sure about 2.x) so even for self signing you have to choose which single hostname to use.

What incentive for me as a host ?

I'm with you for some stuff, but that's usually where verifying your identity is important. My webmail/imap host is SSL - https://www.fastmail.fm/ [fastmail.fm] but I have no idea who they actually are

There's a simple reason; it costs money.Browsers come with a limited number of root certificates. If they encounter a SSL connection not signed by one of these certificates, a dialog box pops up warning the user and asking if they wish to continue. Clearly, you don't want the browser implying that you're untrustworthy to your users, so you have to go out and get a certificate signed by Verisign or some similar company.

Large websites clearly don't have a problem with this. What's several hundred dollars to a

i currently don't really worry about my email security (if someone wants to read my aunt's cookie recipes, thats fine by me). if i happened to be doing something important, i'd likely use some form of encryption, likely PGP or maybe something stronger.

i currently don't really worry about my email security (if someone wants to read my aunt's cookie recipes, thats fine by me). if i happened to be doing something important, i'd likely use some form of encryption

This reminds me of a joke that takes place in a courtroom:

Prosecutor: Did you see this woman in New York?Defendant: I refuse to answer that question!Prosecutor: Did you see this woman in Chicago?Defendant: I refuse to answer that question!Prosecutor: Did you see this woman in Atlanta?Defendant: What!? Atlanta?? I never saw her in Atlanta!

Moral of the story: if you don't pay attention to your email security except when you really need to, then when you do pay attention, someone else would also know to pay attention!

If someone wants to read my aunt's cookie recipes, that is not fine by me. Eat my {/dev/random}-XOR'd dust.

That is all fine, but there must be support from both parties to use encryption. Somehow I don't think his aunt uses GPG, and even if he could go there and set it up, he (or you, or me) can't control what everyone he sends emails to uses.

Of course, you can just stop talking to your friends who don't install GPG and move on with your life.

About all I use online is a web browser. For this, I of course use Mozilla Firefox, but disable cookies (except for sites that I know really need them, like online banking) and disable certain javascript features (opening windows, removing location bar, etc.).

I also use adblock to disable tracking sites. You know, hitbox.com and the like which use included URLs to track you by your IP address.

For those of us who don't use Firefox, it's easier and way more satisfying to blacklist those domains completely. Tacoda.net could be in the business of giving away free signed copies of Windows 98 to 3rd world puppies for all I know, but as far as I'm concerned they've dirtied their name with the crappy type of advertising, and I don't want to see anything from their servers. It'll be an annoying day when google catches on and brings google-analytics.com under google.co.uk, though.

Agreed on the satisfaction level. I use a local DNS server to block domains and all their wildcard subdomains of some of those bandwidth wasting "tracking" sites. Then the whole home network is "protected."

google.com is blocked by default by my NoScript in case they catch on, as you say. I never thought I'd like NoScript, but I've been pleasently surprised at it's ease of use and level of control. If there's a NoScript-type extension for your browser, you might find it useful too.

I have the best method of protecting my privacy online... I use a computer belonging to someone else. The internet connection used by that computer is actually being mooched off of someone else (read: gotta love those unsecured wifi access points). I never use online commerce sites, nor do I maintain an email account.

Also, when anyone asks for my name, I tell them that my name is "Bob".

Seriously, who are your opponents? You cannot do any security planning without threat scenarios. If the NSA wants you, they pwn j00 d00d! But fortunately, they're seldom interested , and even more reluctant to disgorge their capabilities by revealing info.

So you have to decide what is cost effective. For me, for most things, no security at all the the perferred option. I _want_ people to read my postings and email. I'm far more concerned with my msgs not being received/read than unauthorized people

Lie. Lie about everything.
Writing an email to your friend? Lie about it. Lie about everything that happened to you. Lie about who you are. IT DOESN'T MATTER.
Signing up for some new service? Lie. Lie about your name, age, race, sex, address, credit card, whatever. Actually need to recieve the package? Send it to your neighbor and pick it up at the FedEx office with a fake ID that goes with your fake personality.
Sometimes if you lie enough to a girl, you even get to sleep with her. Then, if you get herpes you can just lie to everyone else and say you don't have it! IT'S THE SAME THING IF YOU USE WINDOWS AND GET A VIRUS!! HOORAH!
The lies will set you free.

I just simply do not enter valid information. If they wanted valid information, there are enough ways of getting it. The more information a site asks for, the more I make sure that the responses I give are false. If a site only wants say, my date of birth, I might give my real date. If it wants my postal address, telephone number, yada yada without just cause...I will give them wrong info. Its my way of discouraging the use of such techniques. Maybe if enough people do it, then the next time they upgrade their site they will ask only for information that they absolutely need to have instead of every little detail.

Easy to remember on any site I visit.the moral of the story, NEVER give out true information to ANY online site.You make exceptions on an as-needed basis.(eg. bank, 1 or 2 trustworthy sites to shop from.)

I've never used websecret before, but I've been looking for a nice throw-off CC# to buy things from Paypal only merchants or online shops that seem a little on the 'sketchy' side. Are there any similar services out there open to the public? Most of the disposible credit card offers I've seen are only open to current customers of Credit Card Company X.

These throw away CC #'s make it possible to do anonymous transactions with merchants. The credit card companies still want to know who you are so they can get paid. This seems like a reasonable compromise if you want it to be a credit account. Prepaid throw away debit cards on the other hand would likely be too easily abused for money laundering, making that a product that banks don't want to offer.

It's not a "throw-off" credit card, but my MBNA card has a nice downloadable app called ShopSafe that I *love* and use religiously.It lets you generate a "one-time use" number, with a limit on the amount and expiration date. Once that number is used, it can't be used again. I just used it to buy a radio for my Harley; the price was about $700 plus shipping, so I made the amount $800 and expiration date two months out.

Once the company uses that number, it's locked. I can go into ShopSafe and reclaim the u

Yesterday I tried to sign up for something and entered 1/1/1900 as my d.o.b., selecting the values from dropdown boxes. For some reason, I received the error "incorrect date" until I upped the year to 1920. Strange.

I think the biggest thing is keep your mouth shut about internet stuff to others because you never know who is listening. Only give that kind of information out to those who know it. Also i think that you should only use fake stuff if you have had experience in things going missing like money etc. I also only put my name when signing up for e-mail accounts etc. because that information they do need. Also I believe another way of dealing with good security is make usernames that are unique and not simple

I once received an abusive e-mail from some guy who was receiving loads of spam from a source using a rotation of from addresses. My address happened to appear on the mail he received and it he snapped, firing back at me. His mail address was from his family business, looked up the whois information which was correctly filled in. Phone number, address etc, simple google of the domain name showed me forums in which members of the family had posted in, different topics, cars, real-estate. From there I could build quite a profile of this person, his family, where they lived, google earth supplied satellite images of their house. I knew what kind of cars they owned, how much their house cost and when they bought it (purchasing records of individual houses was available online as part of the council areas statistics).

I sent him a mail explaining that it wasn't me sending the spam, and he wrote back apologising, then I explained to him all the information that I'd found including the google earth picture and he couldn't believe what I'd come up with by just roaming around the net.

I almost never put my real name on the net, I use my "nick" extensively (it _really) cuts down on phishing attacks and makes them much easier to spot), If I have to put my name down for anything other than CC purchases I put my initials in only.

I agree with the suggestion of a variety of tools and your suggestions on which tools to use but I would add one more service (yes, a paid service):
http://www.anonymizer.com/ [anonymizer.com]

I have had no major problems surfing anonymously using the service. Minor problems are certain pages not loading correctly due to CSS/cookies/etc. being blocked or mangled by the Anonymizer service. Most of those pages were places I did not need/want to browse anonymously anyway (/., banking, and others of that sort) so it wasn't tha

Do you remove your browser's cookies on a regular schedule? If you don't, your favourite search engine has a nice track record of all of your searches. If you happen to enjoy your search engine's webmail offering, too, they may very well be able to associate your search habits to your real name, know who your contacts are, and by parsing the mail's contents, in order to place matching ads, they know what you talk about.While Google promises to do no evil - which can be true or not, I'm not judging them - th

Also note that version 8 of Macromedia Flash now has the ability to allow third party shared objects (SOL files). There has been coverage of companies using this mechanism to track users in the same way that third party cookies are used.

Unlike standard cookies however, every user of a PC has to use an online tool [macromedia.com] to change your privacy settings. There is no broswer control of this. I've found the easiest method is to nuke the shared objects folder on startup.

And for those times when it does get out, and it's not in a place that you have control of, or shows up in a cache somewhere, I'm thinking about adding a few hundred pages of partially random information, so the real information blends in the background.

(I ran for public office, so unfortunately, my address is now out there... for those who know where to look... which hopefully isn't the person who was stalking me in college)

The best answer is to talk with your kids, and encourage them to make good decisions. The internet is full of plenty of content easily-accessed that you probably don't want your kids to see. Either the computer is kept in a public place, or you have to educate your kids and trust them. Software programs are too easily bypassed.

Be careful of the steady leak of information that most people go through. After registering on a few forums and stuff like that, it's amazing how much information you can release in a short space of time. After that, your data is only a small search [google.co.uk] away. Even though I've only used this URL and alias for a short while, it already leads to a Frappr map of users of ##slackware on freenode, with my general location and a photo... someone who really knew what they were doing could whois my site [domaintools.com] and then they'd

This'll be suck eggs for many, but new to others.I, like many of you have the ability to have anything@mydomain email addresses that i can use/create on the fly. So what I do is, whenever I register on a website or give my email address out to a third party, I enter/provide a unique address. my email address at slashdot is 'slashdot@mydomain', at amazon it's amazon@mydomain and for any business contact it's my companyname@mydomain - anyway you get the idea.

Yeah, that worked for me too...until one day I got spam on the entire domain. Someone decided to run their username for loop on mydomain and they actually caught 3 or 4 of my aliases. I had to seriously cut back on the obvious (and stupid) aliases that I was using, such as postmaster, help, sales, sysadmin, etc. Now, I only use purpose-derived aliases, such as microsoft, amazon, etc.

Ever try spamgourmet [spamgourmet.com]? It allows you to create disposable email addresses. I use it mostly for sites that I know will not respect my privacy (online forums etc). I use your method for banks and reputable businesses. Basically I can create a disposable address on the fly. For instance I give you the addres jaruzel.10.(myusername)@spamgourmet.com. You can send mail to that address 10 times and it will get forwarded to my real address. The 11th mail will get bounced as it no longer exists. You can set t

First off, use Linux. If your OS isn't reasonably secure, all bets are off, and Windows is just too difficult to keep secure for a casual user. With a good linux distro you're much better off so long as you keep it updated.

Secondly use encrypted filesystems for data you want to keep private. I can recomend encfs for Linux http://arg0.net/wiki/encfs [arg0.net]... it's easy to use and can be installed with yum in Fedora. It uses file-level encryption which makes possible incremental backups which retain the encryption.

If you want protection from being forced by a court to give up your key, take a look at http://www.truecrypt.org/ [truecrypt.org] . This is a filesystem that lets you keep multiple levels of data encrypted with different keys, and if you give up one key noone can know that there's more data hidden with another key.

For web browsing use Tor, http://tor.eff.or/ [tor.eff.or]. Tor is still under development and may not be secure against a focused attack on you specifically, but at least your ISP won't be able to easily spy on you and your IPSs logs (which as we know are being mass-analyzed by the NSA) won't show anything about your activity. Also tor is/very/ easy to install and use, especially with Firefox and the FF tor extension. Also you can use it in combination with privoxy http://www.privoxy.org/ [privoxy.org] for some protection against malicious cookies and other tricks used by the sites you access.

Plus, here's a good trick for ensuring that your web browser cache, history, etc., can't be easily searched by someone who gets access to your computer... put them on an encrypted filesystem, as follows. Make a script that mounts an encrypted filesystem (asking for the passphrase), sets your HOME env var to the newly mounted fs, then starts Firefox (which now places its cache there because that's HOME), and unmounts the encrypted fs after Firefox exits. You should do this even if your entire home dir is also on an encrypted fs, because your normal home dir is likely to stay mounted for longer periods of time, so this way you separate the risk levels. And it's easy. An additional little-known trick for this: set the LOGNAME env var to something other than your username to let you run a second copy of Firefox on the same X display (so you can have an "insecure" and a "secure" one running at the same time).

Of course use GnuPG for secure email. The Thunderbird Enigmail extension makes it painless.

You should also give money to the EFF and run a Tor server if you can, to help maintain our ability to have some privacy.

Finally, if you are a hardcore libertarian and/or think we should have a truly free Internet, experiment with FreeNet http://freenetproject.org/ [freenetproject.org] and consider donating to its development. This project ran into some dead ends with scalability but the developers have taken a fresh approach and the new 0.7 dev version looks like it might be the start of something that could get big. They have a full-time programmer working on it paid by donations (and he's so dedicated to the ideal that his salary is the bare minimum he needs to live), so consider donating. (Btw., I'm not a libertarian in the political sense, but I think we need a strong counter-balance to the marching forces of fascism, so I donate to the Freenet project.)

GnuPG/GPG (http://www.gnupg.org/) for encrypting e-mails and TOR (http://tor.eff.org/) for anonymous Internet communication.Many people say "I will encrypt if I am sending/recieing something important/strange". It sounds reasonable, but this his way they (the ones who, legaly or illegaly, oversee) know when you send/recieve something (that you think is) "special" and to who. It's worse than not encrypting at all. They know that you have things to hide other than casual things (aunt's cookie recipe).

I use some select FF extensions, and will soon be setting up a tor node, along with common sense.

The FF extensions I use are:

NoScript (http://www.noscript.net/ [noscript.net]). I allow very few sites to run scripts, and the vast majority of sites work fine without JS. Even if JS is needed, it is easily enabled for good with noscript, or just for that browser session (and I use this feature more). Like flash and animated gifs, JS has been hijacked by marketters as a method to peddle their wares and they have spoilt it f

TOR and PGP/GPG.. enough people have mentioned them that I will only touch on them in passing. No sense in beating a dead horse.
Encrypt whatever traffic you can. If you can set up SSH tunnels to connect to a proxy server that connects to the TOR network or FreeNet, do so. Just remember that not all of the ingress/egress points you will contact will be friendly.
Use webmail sites to set up disposable e-mail addresses. Hushmail [hushmail.com] is good for encrypted webmail, unless you don't mind writing all of your e-